Return to Video

A new way to stop identity theft

  • 0:02 - 0:04
    So I thought I'd talk about identity.
  • 0:04 - 0:06
    That's sort of an interesting
    enough topic to me.
  • 0:06 - 0:10
    And the reason was,
    because when I was asked to do this,
  • 0:10 - 0:13
    I'd just read in one of the papers,
    I can't remember,
  • 0:13 - 0:16
    something from someone at Facebook saying,
  • 0:16 - 0:19
    "Well, we need to make everybody
    use their real names,
  • 0:19 - 0:21
    and then that's basically
    all the problems solved."
  • 0:21 - 0:22
    And that's so wrong,
  • 0:22 - 0:26
    that's such a fundamentally
    reactionary view of identity,
  • 0:26 - 0:29
    and it's going to get us
    into all sorts of trouble.
  • 0:29 - 0:30
    And so what I thought I'd do is,
  • 0:30 - 0:34
    I'll explain four sort of
    problems about it,
  • 0:34 - 0:36
    and then I'll suggest a solution,
  • 0:36 - 0:38
    which, hopefully,
    you might find interesting.
  • 0:38 - 0:40
    So just to frame the problem:
  • 0:40 - 0:42
    What does "authenticity" mean?
  • 0:42 - 0:43
    That's me,
  • 0:43 - 0:48
    that's a camera phone picture
    of me looking at a painting.
  • 0:48 - 0:49
    [What's the Problem?]
  • 0:49 - 0:52
    That's a painting that was painted
    by a very famous forger,
  • 0:52 - 0:54
    and because I'm not very good
    at presentations,
  • 0:54 - 0:57
    I already can't remember the name
    that I wrote on my card.
  • 0:57 - 1:00
    And he was incarcerated in,
    I think, Wakefield Prison,
  • 1:00 - 1:04
    for forging masterpieces by,
    I think, French Impressionists.
  • 1:04 - 1:07
    And he's so good at it
    that when he was in prison,
  • 1:07 - 1:09
    everybody in prison,
    the governor and whatever,
  • 1:09 - 1:12
    wanted him to paint masterpieces
    to put on the walls
  • 1:12 - 1:13
    because they were so good.
  • 1:13 - 1:16
    And so that's a masterpiece,
    which is a fake of a masterpiece,
  • 1:16 - 1:23
    and bonded into the canvas is a chip
    which identifies that as a real fake,
  • 1:23 - 1:24
    if you see what I mean.
  • 1:24 - 1:25
    (Laughter)
  • 1:25 - 1:28
    So when we're talking about authenticity,
  • 1:28 - 1:30
    it's a little more fractal
    than it appears,
  • 1:30 - 1:32
    and that's a good example to show it.
  • 1:32 - 1:37
    I tried to pick four problems
    that will frame the issue properly.
  • 1:37 - 1:40
    So the first problem, I thought,
    chip and PIN, right?
  • 1:40 - 1:43
    [Banks and legacies
    bringing down the system from within]
  • 1:43 - 1:45
    [Offline solutions do not work online]
  • 1:45 - 1:47
    Everyone's got a chip and PIN card, right?
  • 1:47 - 1:48
    So why is that a good example?
  • 1:48 - 1:51
    That's the example
    of how legacy thinking about identity
  • 1:51 - 1:54
    subverts the security
    of a well-constructed system.
  • 1:54 - 1:57
    That chip-and-PIN card
    that's in your pocket
  • 1:57 - 2:00
    has a little chip on it
    that cost millions of pounds to develop,
  • 2:00 - 2:01
    is extremely secure,
  • 2:01 - 2:04
    you can put scanning
    electron microscopes on it,
  • 2:04 - 2:06
    you can try and grind it down,
    blah blah blah.
  • 2:06 - 2:09
    Those chips have never been broken,
    whatever you read in the paper.
  • 2:09 - 2:13
    And for a joke,
    we take that supersecure chip,
  • 2:13 - 2:16
    and we bond it to a trivially
    counterfeitable magnetic stripe.
  • 2:16 - 2:19
    And for very lazy criminals,
    we still emboss the card.
  • 2:19 - 2:23
    So if you're a criminal in a hurry
    and you need to copy someone's card,
  • 2:23 - 2:26
    you can just stick a piece of paper on it
    and rub a pencil over it
  • 2:26 - 2:27
    just to speed things up.
  • 2:27 - 2:30
    And even more amusingly,
    and on my debit card, too,
  • 2:30 - 2:34
    we print the name and the sort code
    and everything else on the front.
  • 2:34 - 2:35
    Why?
  • 2:36 - 2:40
    There is no earthly reason why your name
    is printed on a chip-and-PIN card.
  • 2:40 - 2:42
    And if you think about it,
  • 2:42 - 2:45
    it's even more insidious and perverse
    than it seems at first.
  • 2:45 - 2:48
    Because the only people that benefit
    from having the name on the card
  • 2:48 - 2:50
    are criminals.
  • 2:50 - 2:51
    You know what your name is, right?
  • 2:51 - 2:52
    (Laughter)
  • 2:52 - 2:55
    And when you go into a shop
    and buy something,
  • 2:55 - 2:57
    it's a PIN -- he doesn't care
    what the name is.
  • 2:57 - 3:00
    The only place you ever have to write
    your name on the back
  • 3:00 - 3:01
    is in America.
  • 3:01 - 3:02
    Whenever I go to America,
  • 3:02 - 3:05
    and I have to pay with a magstripe
    on the back of the card,
  • 3:05 - 3:08
    I always sign it "Carlos Tethers" anyway,
    just as a security mechanism,
  • 3:08 - 3:10
    because if a transaction
    ever gets disputed,
  • 3:11 - 3:13
    and it comes back
    and it says "Dave Birch,"
  • 3:13 - 3:14
    I know it must have been a criminal,
  • 3:14 - 3:17
    because I would never
    sign it "Dave Birch."
  • 3:17 - 3:18
    (Laughter)
  • 3:18 - 3:20
    So if you drop your card in the street,
  • 3:20 - 3:22
    it means a criminal
    can pick it up and read it.
  • 3:22 - 3:25
    They know the name,
    from the name, they can find the address,
  • 3:25 - 3:27
    and then they can go off
    and buy stuff online.
  • 3:27 - 3:29
    Why do we put the name on the card?
  • 3:29 - 3:32
    Because we think identity
    is something to do with names,
  • 3:33 - 3:37
    and because we're rooted
    in the idea of the identity card,
  • 3:37 - 3:38
    which obsesses us.
  • 3:38 - 3:40
    And I know it crashed and burned
    a couple of years ago,
  • 3:40 - 3:44
    but if you're someone in politics
    or the Home Office or whatever,
  • 3:44 - 3:46
    and you think about identity,
  • 3:46 - 3:49
    you can only think of identity
    in terms of cards with names on.
  • 3:49 - 3:52
    And that's very subversive
    in a modern world.
  • 3:52 - 3:55
    So the second example I thought I'd use
  • 3:55 - 3:56
    is chat rooms.
  • 3:57 - 3:58
    [Chatrooms and Children]
  • 3:58 - 3:59
    I'm very proud of that picture.
  • 3:59 - 4:02
    That's my son playing
    in his band with his friends
  • 4:02 - 4:06
    for the first-ever gig,
    I believe you call it, where he got paid.
  • 4:06 - 4:07
    (Laughter)
  • 4:07 - 4:08
    And I love that picture.
  • 4:09 - 4:12
    I'll like the picture of him
    getting into medical school a lot better,
  • 4:12 - 4:13
    (Laughter)
  • 4:13 - 4:14
    I like that one for the moment.
  • 4:14 - 4:16
    Why do I use that picture?
  • 4:16 - 4:20
    Because that was very interesting,
    watching that experience as an old person.
  • 4:20 - 4:22
    So him and his friends,
  • 4:22 - 4:24
    they get together, they booked a room,
    like a church hall,
  • 4:24 - 4:27
    and they got all their friends
    who had bands, got them together,
  • 4:28 - 4:29
    and they do it all on Facebook,
  • 4:29 - 4:33
    and then they sell tickets,
    and the first band on the --
  • 4:33 - 4:36
    I was going to say "menu," that's
    probably the wrong word for it, isn't it?
  • 4:36 - 4:38
    The first band on the list of bands
  • 4:38 - 4:42
    that appears at some
    public music performance of some kind
  • 4:42 - 4:45
    gets the sales from the first 20 tickets,
  • 4:45 - 4:46
    then the next band gets the next 20,
  • 4:46 - 4:48
    and so on.
  • 4:48 - 4:50
    They were at the bottom
    of the menu, like, fifth,
  • 4:50 - 4:51
    I thought they had no chance.
  • 4:51 - 4:53
    He actually got 20 quid. Fantastic, right?
  • 4:53 - 4:55
    But my point is,
    that all worked perfectly,
  • 4:55 - 4:58
    except on the web.
  • 4:58 - 5:00
    So they're sitting on Facebook,
  • 5:00 - 5:03
    and they're sending these messages
    and arranging things,
  • 5:03 - 5:06
    and they don't know who anybody is, right?
  • 5:06 - 5:08
    That's the problem we're trying to solve.
  • 5:08 - 5:09
    If only they were using real names,
  • 5:09 - 5:12
    then you wouldn't be worried
    about them on the internet.
  • 5:12 - 5:13
    So when he says to me,
  • 5:13 - 5:17
    "Oh, I want to go to a chat room
    to talk about guitars" or something,
  • 5:17 - 5:20
    I'm like, "Oh, well,
    I don't want you to go into a chat room
  • 5:20 - 5:22
    to talk about guitars,
  • 5:22 - 5:24
    because they might
    not all be your friends,
  • 5:24 - 5:26
    and some of the people
    that are in the chat room
  • 5:26 - 5:30
    might be, you know, perverts
    and teachers and vicars --"
  • 5:30 - 5:31
    (Laughter)
  • 5:31 - 5:35
    I mean, they generally are,
    when you look in the paper, right?
  • 5:35 - 5:38
    "So I want to know who all the people
    in the chat room are.
  • 5:38 - 5:40
    So, OK, you can go in the chat room,
  • 5:40 - 5:43
    but only if everybody in the chat room
    is using their real names,
  • 5:43 - 5:46
    and they submit full copies
    of their police report."
  • 5:46 - 5:47
    (Laughter)
  • 5:47 - 5:50
    But of course, if anybody
    in the chat room asked for his real name,
  • 5:50 - 5:53
    I'd say, "No. You can't
    give them your real name,
  • 5:53 - 5:55
    because what happens
    if they turn out to be perverts
  • 5:55 - 5:57
    and teachers and whatever?"
  • 5:57 - 5:59
    So you have this odd sort of paradox
  • 5:59 - 6:01
    where I'm happy for him
    to go into this space
  • 6:01 - 6:03
    if I know who everybody else is,
  • 6:03 - 6:06
    but I don't want anybody else
    to know who he is.
  • 6:06 - 6:08
    And so you get this sort of
    logjam around identity,
  • 6:08 - 6:11
    where you want full disclosure
    from everybody else,
  • 6:11 - 6:12
    but not from yourself.
  • 6:12 - 6:14
    And there's no progress, we get stuck.
  • 6:14 - 6:16
    So the chat room thing
    doesn't work properly,
  • 6:16 - 6:19
    and it's a very bad way
    of thinking about identity.
  • 6:19 - 6:23
    Cheerleading ... so, on my RSS feed,
    I saw this thing about --
  • 6:23 - 6:25
    I just said something bad
    about my RSS feed, didn't I?
  • 6:25 - 6:27
    I should stop saying it like that.
  • 6:27 - 6:29
    For some random reason I can't imagine,
  • 6:29 - 6:31
    something about cheerleaders
    turned up in my in-box.
  • 6:31 - 6:35
    And I read this story about cheerleaders,
    and it's a fascinating story.
  • 6:35 - 6:37
    This happened a couple
    of years ago in the US.
  • 6:37 - 6:40
    There were some cheerleaders
    in a team at a high school in the US,
  • 6:40 - 6:43
    and they said mean things
    about their cheerleading coach,
  • 6:43 - 6:47
    as I'm sure kids do about
    all of their teachers all of the time,
  • 6:47 - 6:50
    and somehow, the cheerleading coach
    found out about this.
  • 6:50 - 6:51
    She was very upset.
  • 6:51 - 6:53
    So she went to one of the girls and said,
  • 6:53 - 6:55
    "You have to give me
    your Facebook password."
  • 6:55 - 6:56
    I read this all the time,
  • 6:56 - 6:59
    where even at some universities
    and places of education,
  • 6:59 - 7:01
    kids are forced to hand over
    their Facebook passwords.
  • 7:01 - 7:04
    So you have to give them
    your Facebook password.
  • 7:04 - 7:07
    So the kid -- she was a kid! --
    what she should have said is,
  • 7:07 - 7:09
    "My lawyer will be calling
    you first thing in the morning.
  • 7:09 - 7:13
    It's an outrageous imposition
    on my Fourth Amendment right to privacy.
  • 7:13 - 7:15
    You'll be sued
    for all the money you've got!"
  • 7:15 - 7:16
    That's what she should have said.
  • 7:16 - 7:19
    But she's a kid,
    so she hands over the password.
  • 7:19 - 7:20
    The teacher can't log in,
  • 7:20 - 7:23
    because the school
    has blocked access to Facebook.
  • 7:23 - 7:25
    So the teacher can't log into Facebook
    till she gets home.
  • 7:25 - 7:27
    So the girl tells her friends,
  • 7:27 - 7:30
    "Guess what happened?
    The teacher logged in. She knows."
  • 7:30 - 7:33
    So the girls all logged into Facebook
    and deleted their profiles.
  • 7:33 - 7:35
    So when the teacher logged in,
    there was nothing there.
  • 7:35 - 7:39
    My point is: those identities,
    they don't think about them the same way.
  • 7:39 - 7:43
    Identity is -- especially when
    you're a teenager -- a fluid thing.
  • 7:43 - 7:46
    You have lots of identities,
    you experiment with them.
  • 7:46 - 7:49
    And if you have an identity you don't
    like because it's subverted in some way
  • 7:49 - 7:51
    or it's insecure or it's inappropriate,
  • 7:51 - 7:53
    you just delete it and get another one.
  • 7:53 - 7:56
    The idea that you have an identity
    that's given to you by someone,
  • 7:56 - 7:58
    the government or whatever,
  • 7:58 - 8:01
    and you have to stick with that identity
    and use it in all places
  • 8:01 - 8:02
    is absolutely wrong.
  • 8:02 - 8:05
    Why would you want to really know
    who someone was on Facebook,
  • 8:05 - 8:08
    unless you wanted to abuse them
    and harass them in some way?
  • 8:08 - 8:10
    It just doesn't work properly.
  • 8:10 - 8:11
    And my fourth example is,
  • 8:11 - 8:14
    there are some cases
    where you really want to be --
  • 8:14 - 8:18
    in case you're wondering,
    that's me at the G20 protest.
  • 8:18 - 8:20
    I wasn't actually at the G20 protest,
  • 8:20 - 8:24
    but I had a meeting at a bank
    on the day of the G20 protest.
  • 8:24 - 8:26
    And I got an email from the bank, saying,
  • 8:26 - 8:29
    "Please don't wear a suit,
    because it'll inflame the protesters."
  • 8:29 - 8:32
    I look pretty good in a suit, frankly,
  • 8:32 - 8:35
    so you can see why it would drive them
    into an anticapitalist frenzy.
  • 8:35 - 8:36
    (Laughter)
  • 8:36 - 8:39
    So I thought, "Well, if I don't
    want to inflame the protesters,
  • 8:39 - 8:42
    the obvious thing to do
    is go dressed as a protester."
  • 8:42 - 8:45
    So I went dressed completely in black,
    you know, black balaclava ...
  • 8:45 - 8:48
    I had black gloves on but took them off
    to sign the visitors' book.
  • 8:48 - 8:49
    (Laughter)
  • 8:49 - 8:53
    I'm wearing black trousers and boots,
    I'm dressed completely in black.
  • 8:53 - 8:55
    I go into the bank at 10am
    and go, "Hi, I'm Dave Birch,
  • 8:55 - 8:57
    I've got a 3 o'clock with so-and-so."
  • 8:57 - 9:00
    "Sure!" And they sign me in.
    There's my visitor's badge.
  • 9:00 - 9:01
    (Laughter)
  • 9:01 - 9:05
    So this nonsense about "you've got to have
    real names on Facebook" and whatever,
  • 9:05 - 9:07
    that gets you that kind of security.
  • 9:07 - 9:09
    That gets you "security theater,"
  • 9:09 - 9:11
    where there's no actual security,
  • 9:11 - 9:14
    but people are sort of playing parts
    in a play about security,
  • 9:14 - 9:16
    and as long as everybody
    learns their lines,
  • 9:16 - 9:17
    everyone's happy.
  • 9:17 - 9:19
    But it's not real security, right?
  • 9:20 - 9:23
    Especially because I hate banks
    more than the G20 protesters do,
  • 9:23 - 9:24
    because I work for them.
  • 9:24 - 9:27
    I know that things are actually worse
    than these guys think.
  • 9:27 - 9:30
    (Laughter)
  • 9:30 - 9:35
    But suppose I worked
    next to somebody in a bank
  • 9:35 - 9:37
    who was doing something --
  • 9:37 - 9:41
    you know, they were like people who take
    the money from banks and don't ...
  • 9:42 - 9:43
    you know, they take the money ...
  • 9:43 - 9:46
    Oh -- "traders."
    That's the word I was thinking of.
  • 9:46 - 9:48
    Suppose I was sitting
    next to a rogue trader,
  • 9:48 - 9:50
    and I want to report it
    to the boss of the bank.
  • 9:50 - 9:52
    So I log on to do a little whistleblowing.
  • 9:52 - 9:54
    I send a message,
    "This guy's a rogue trader."
  • 9:54 - 9:55
    That message is meaningless
  • 9:56 - 9:58
    if you don't know
    that I'm a trader at the bank.
  • 9:58 - 10:00
    If that message just comes from anybody,
  • 10:00 - 10:03
    it has zero information value.
  • 10:03 - 10:05
    There's no point in sending that message.
  • 10:05 - 10:07
    You have to know that I'm ...
  • 10:07 - 10:09
    But if I have to prove who I am,
  • 10:09 - 10:11
    I'll never send that message.
  • 10:11 - 10:15
    It's just like the nurse in the hospital
    reporting the drunk surgeon.
  • 10:15 - 10:18
    That message will only happen
    if I'm anonymous.
  • 10:18 - 10:22
    So the system has to have ways
    of providing anonymity in it,
  • 10:22 - 10:25
    otherwise, we don't get
    where we want to get to.
  • 10:25 - 10:27
    So, four issues.
  • 10:27 - 10:29
    So what are we going to do about it?
  • 10:29 - 10:32
    Well, what we tend to do about it
  • 10:32 - 10:35
    is we think about Orwell-space.
  • 10:35 - 10:39
    And we try to make electronic versions
    of the identity card
  • 10:39 - 10:40
    that we got rid of in 1953.
  • 10:40 - 10:43
    So we think if we had a card --
  • 10:43 - 10:44
    call it a Facebook login --
  • 10:44 - 10:45
    which proves who you are,
  • 10:45 - 10:47
    and I make you carry it all the time,
  • 10:47 - 10:48
    that solves the problem.
  • 10:48 - 10:52
    And of course, for all those
    reasons I've just outlined, it doesn't,
  • 10:52 - 10:53
    and it might make some problems worse.
  • 10:53 - 10:56
    The more times you're forced
    to use your real identity,
  • 10:56 - 10:58
    certainly in transactional terms,
  • 10:58 - 11:01
    the more likely that identity
    is to get stolen and subverted.
  • 11:01 - 11:03
    The goal is to stop people
    from using identity
  • 11:03 - 11:05
    in transactions which don't need identity,
  • 11:05 - 11:07
    which is actually almost all transactions.
  • 11:07 - 11:11
    Almost all of the transactions you do
    are not "Who are you?"
  • 11:11 - 11:13
    They're "Are you allowed
    to drive the car?"
  • 11:13 - 11:16
    "Are you allowed in the building?"
    "Are you over 18?"
  • 11:16 - 11:18
    etcetera, etcetera.
  • 11:18 - 11:19
    So my suggestion -- I, like James,
  • 11:20 - 11:23
    think that there should be
    a resurgence of interest in R and D.
  • 11:23 - 11:24
    I think this is a solvable problem.
  • 11:24 - 11:26
    It's something we can do about.
  • 11:26 - 11:29
    Naturally, in these circumstances,
    I turn to Doctor Who.
  • 11:29 - 11:30
    Because in this --
  • 11:30 - 11:31
    (Laughter)
  • 11:31 - 11:33
    as in so many other walks of life,
  • 11:33 - 11:35
    Doctor Who has already
    shown us the answer.
  • 11:35 - 11:39
    So I should say,
    for some of our foreign visitors:
  • 11:39 - 11:42
    Doctor Who is the greatest
    living scientist in England --
  • 11:42 - 11:44
    (Laughter)
  • 11:44 - 11:47
    and a beacon of truth
    and enlightenment to all of us.
  • 11:47 - 11:50
    And this is Doctor Who
    with his "psychic paper."
  • 11:50 - 11:53
    Come on, you guys must have seen
    Doctor Who's "psychic paper."
  • 11:53 - 11:55
    You're not nerds if you say yes.
  • 11:55 - 11:57
    Who's seen Doctor Who's psychic paper?
  • 11:57 - 12:00
    Oh right, you were in the library
    the whole time studying, I guess.
  • 12:00 - 12:02
    Is that what you're going to tell us?
  • 12:02 - 12:04
    Doctor Who's psychic paper is:
  • 12:04 - 12:05
    when you hold up the psychic paper,
  • 12:05 - 12:07
    the person, in their brain,
  • 12:07 - 12:09
    sees the thing that they need to see.
  • 12:09 - 12:11
    So I want to show you a British passport,
  • 12:11 - 12:13
    I hold up the psychic paper,
  • 12:13 - 12:14
    you see a British passport.
  • 12:14 - 12:16
    I want to get into a party,
  • 12:16 - 12:17
    I hold up the psychic paper,
  • 12:17 - 12:19
    I show you a party invitation.
  • 12:19 - 12:21
    You see what you want to see.
  • 12:21 - 12:24
    So what I'm saying is, we need
    to make an electronic version of that,
  • 12:24 - 12:26
    but with one tiny, tiny change,
  • 12:26 - 12:29
    which is that it'll only show you
    the British passport
  • 12:29 - 12:30
    if I've actually got one.
  • 12:30 - 12:33
    It'll only show you the party invitation
    if I actually have one.
  • 12:33 - 12:36
    It will only show you that I'm over 18
    if I actually am over 18.
  • 12:36 - 12:37
    But nothing else.
  • 12:38 - 12:43
    So you're the bouncer at the pub,
    you need to know that I'm over 18.
  • 12:43 - 12:45
    Instead of showing you my driving license,
  • 12:45 - 12:47
    which shows you I know how to drive,
  • 12:47 - 12:49
    what my name is, my address,
    all these kind of things,
  • 12:49 - 12:51
    I show you my psychic paper,
  • 12:51 - 12:53
    and all it tells you is,
    am I over 18 or not.
  • 12:54 - 12:55
    Right.
  • 12:55 - 12:57
    Is that just a pipe dream?
  • 12:57 - 12:59
    Of course not, otherwise
    I wouldn't be here talking.
  • 13:00 - 13:02
    So, in order to build that
    and make it work,
  • 13:02 - 13:04
    I'm only going to name these things,
    I'll not go into them:
  • 13:04 - 13:06
    we need a plan,
  • 13:06 - 13:08
    which is, we're going to build
    this as an infrastructure
  • 13:09 - 13:11
    for everybody to use
    to solve all of these problems.
  • 13:11 - 13:13
    We're going to make a utility.
  • 13:13 - 13:15
    The utility has to be universal,
    you can use it everywhere.
  • 13:15 - 13:19
    I'm just giving you little flashes
    of the technology as we go along.
  • 13:19 - 13:20
    That's a Japanese ATM,
  • 13:20 - 13:23
    the fingerprint template
    is stored inside the mobile phone.
  • 13:23 - 13:24
    So when you want to draw money out,
  • 13:24 - 13:27
    you put the phone on the ATM
    and touch your finger,
  • 13:27 - 13:29
    your fingerprint
    goes through to the phone,
  • 13:29 - 13:31
    the phone says, "Yes, that's whoever,"
  • 13:31 - 13:33
    and the ATM then gives you some money.
  • 13:33 - 13:36
    It has to be a utility
    that you can use everywhere.
  • 13:36 - 13:37
    It has to be absolutely convenient.
  • 13:37 - 13:41
    That's me going into the pub.
  • 13:41 - 13:43
    All the device on the door
    of the pub is allowed is:
  • 13:44 - 13:47
    Is this person over 18
    and not barred from the pub?
  • 13:47 - 13:50
    And so the idea is,
    you touch your ID card to the door,
  • 13:50 - 13:52
    and if I'm allowed in,
    it shows my picture,
  • 13:52 - 13:54
    if I'm not, it shows a red cross.
  • 13:54 - 13:56
    It doesn't disclose any other information.
  • 13:56 - 13:58
    It has to have no special gadgets.
  • 13:58 - 14:01
    That can only mean one thing,
    following on from Ross's statement,
  • 14:01 - 14:04
    which I agree with completely:
    if it means no special gadgets,
  • 14:04 - 14:05
    it has to run on a mobile phone.
  • 14:05 - 14:08
    That's the only choice we have,
    to make it work on mobile phones.
  • 14:08 - 14:11
    There are 6.6 billion
    mobile phone subscriptions.
  • 14:11 - 14:14
    My favorite statistic of all time:
    only 4 billion toothbrushes in the world.
  • 14:14 - 14:16
    That means something. I don't know what.
  • 14:16 - 14:17
    (Laughter)
  • 14:17 - 14:19
    I rely on our futurologists to tell me.
  • 14:20 - 14:22
    It has to be a utility
    which is extensible.
  • 14:22 - 14:24
    So it has to be something
    that anybody could build on.
  • 14:24 - 14:27
    Anybody should be able
    to use this infrastructure;
  • 14:27 - 14:29
    you don't need permissions,
    licenses, whatever.
  • 14:29 - 14:33
    Anyone should be able
    to write some code to do this.
  • 14:33 - 14:37
    Well, you know what symmetry is,
    so you don't need a picture of it.
  • 14:37 - 14:38
    This is how we're going to do it.
  • 14:38 - 14:41
    We're going to do it using phones
    and mobile proximity.
  • 14:41 - 14:42
    I'm going to suggest to you
  • 14:42 - 14:46
    the technology to implement Doctor Who's
    psychic paper is already here,
  • 14:46 - 14:49
    and if any of you have got
    one of the new Barclay's debit cards
  • 14:49 - 14:51
    with the contactless interface on it,
  • 14:51 - 14:53
    you've already got that technology.
  • 14:53 - 14:56
    Have you ever been up to the big city
    and used an Oyster card?
  • 14:56 - 14:57
    Does that ring a bell?
  • 14:57 - 14:58
    The technology already exists.
  • 14:58 - 15:01
    The first phones that have
    the technology built in --
  • 15:01 - 15:04
    the Google Nexus, the S II,
    the Samsung Wave 578 --
  • 15:04 - 15:08
    the first phones that have the technology
    built into them are already in the shops.
  • 15:08 - 15:10
    So the idea that the gasman
    can turn up at my mum's door,
  • 15:10 - 15:12
    and he can show my mum his phone,
  • 15:12 - 15:14
    and she can tap it with her phone,
  • 15:14 - 15:17
    and it'll come up with green
    if he really is from British Gas
  • 15:17 - 15:18
    and allowed in,
  • 15:18 - 15:21
    and will come up with red
    if he isn't, end of story.
  • 15:21 - 15:22
    We have the technology to do that.
  • 15:22 - 15:23
    And what's more,
  • 15:23 - 15:26
    although some of those things
    sound a bit counterintuitive,
  • 15:26 - 15:29
    like proving I'm over 18
    without proving who I am,
  • 15:29 - 15:31
    the cryptography to do that
    not only exists,
  • 15:31 - 15:33
    it's extremely well-known
    and well-understood.
  • 15:33 - 15:36
    Digital signatures, the blinding
    of public key certificates --
  • 15:36 - 15:38
    these technologies
    have been around for a while,
  • 15:38 - 15:40
    we've just had no way
    of packaging them up.
  • 15:40 - 15:42
    So the technology already exists.
  • 15:42 - 15:45
    We know it works.
  • 15:45 - 15:48
    There are a few examples
    of the technology being used
  • 15:48 - 15:49
    in experimental places.
  • 15:49 - 15:50
    That's London Fashion Week,
  • 15:50 - 15:52
    where we built a system with O2.
  • 15:52 - 15:55
    That's for the Wireless
    Festival in Hyde Park.
  • 15:55 - 15:57
    You can see the person's
    walking in with their VIP band,
  • 15:57 - 16:00
    it's being checked by the Nokia phone
    that's reading the band.
  • 16:00 - 16:03
    I'm only putting those up to show you
    these things are prosaic,
  • 16:03 - 16:05
    this stuff works in these environments.
  • 16:05 - 16:07
    They don't need to be special.
  • 16:07 - 16:12
    So finally, I know that you can do this,
  • 16:12 - 16:17
    because if you saw
    the Easter special of Doctor Who,
  • 16:17 - 16:20
    where he went to Mars in a bus --
  • 16:20 - 16:23
    I should say, again,
    for our foreign students:
  • 16:23 - 16:24
    that doesn't happen in every episode.
  • 16:24 - 16:26
    This was a very special case.
  • 16:26 - 16:29
    So in the episode where he goes
    to Mars in a London bus --
  • 16:29 - 16:30
    I can't show you the clip,
  • 16:30 - 16:33
    due to the outrageous restrictions
    of Queen Anne-style copyright
  • 16:33 - 16:34
    by the BBC --
  • 16:34 - 16:37
    but in the episode where he goes
    to Mars in a London bus,
  • 16:37 - 16:41
    Doctor Who is clearly shown
    getting onto the bus
  • 16:41 - 16:43
    with the Oyster card reader
  • 16:43 - 16:44
    using his psychic paper.
  • 16:44 - 16:48
    Which proves that psychic paper
    has an NFC interface.
  • 16:48 - 16:49
    Thank you very much.
  • 16:49 - 16:50
    (Applause)
Title:
A new way to stop identity theft
Speaker:
David Birch
Description:

Bartenders need to know your age, retailers need your PIN, but almost no one actually needs your name -- except for identity thieves. ID expert David Birch proposes a safer approach to personal identification -- a "fractured" approach -- that would almost never require your real name.
more » « less
Video Language:
English
Team:
closed TED
Project:
TEDTalks
Duration:
17:01

  • Camille Martínez

    Hello,

    The English transcript was updated on 6/10/20. Please make a note of the following edits:

    02:30 salt code ---> sort code
    04:30 home office ---> Home Office
    15:02 the Samsung Wifi 7.9 ---> the Samsung Wave 578
    16:44 MSE ---> NSF

    Thank you!

English subtitles

Revisions Compare revisions

Our website uses cookies for analysis purposes.